I am making an app that needs to be able to share stories to Facebook, using a password and email-address that was set somewhere programmatically (not using Facebook-Connect, mostly because I want my own design, whether you log in to Twitter or Facebook from the app).
I have done this with Twitter and XAuth already, and that works brilliant. Is there any way I can achieve the same with Facebook, or just regular OAuth? (Or does Facebook support XAuth, that would make it a lot easier?)
Is there any other way I can achieve what I want?
The theory is that your app should never see the user's password.
In practice, since the code all runs in your app, it's trivial to get the user's password (and it's about as trivial to present a similar UI to grab the user's password).
Since you have full source code, it should be easy enough to just call the function that does logging-in with the username and password. I don't recommend this:
What's wrong with using the normal Facebook login screen?
EDIT: More details...
For sites using OAuth, like Facebook, what you are attempting to do is to circumvent user security. For a simple description of OAuth, check out this link: http://bit.ly/awynlU The short version is that Facebook is in charge of authenticating the user and does so on their servers. As tc has mentioned, the theory is that you never see the password.
Good, bad, or indifferent, what you want to do is supposed to be prevented. If it can be done, it's in violation of the security model the site has set up— Facebook in this case.
Incidently, Twitter is also moving toward OAuth. According to the info I have, "Starting August 31, all applications will be required to use “OAuth” to access your Twitter account."
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With